email

Coronavirus – hackers exploit fear of infection to spread malware

With sad predictability cybercriminals are exploiting the Coronavirus outbreak that occurred in Wuhan, mainland China, and is now causing new infections around the world.

Sonos goofs again – this time revealing customers’ email addresses in Cc: blunder

Sonos’s customer support team tried to make grumpy customers happier by telling them their emails would take a little longer than normal to answer.

But boy oh boy, they only made things worse.

bitdefender.com

Sextortion scam leverages Nest video footage to fool victims into believing they are being spied upon everywhere

A bizarre sextortion scam is attempting to trick victims that not only has their smartphone been hacked to spy upon their private lives, but also every other device they have encountered which contains a built-in camera.

Read more in my article on the Hot for Security blog.

NHS service accidentally reveals identities of HIV patients in email blunder

An NHS health board has found itself in the awkward position of apologising to 37 HIV patients, after accidentally disclosing their identities.

Data protection authority reports itself to itself after data breach

The Dutch Data Protection Authority has confessed to making the same kind of mistake that many others have made before – sending out an email with a long list of email addresses listed for all to see in the Cc: rather than hidden away via the Bcc: field.

VFEmail suffers ‘catastrophic’ attack, as hacker wipes email service’s primary and backup data

There will be many angry customers of VFEmail who will be distraught at the thought that years’ worth of irreplaceable personal and business correspondence may have been wiped out. It’s understandable that some might turn their fury towards VFEmail.

But VFEmail is a victim too.

International email bomb hoax proves to be a spectacular failure

Authorities in the United States, Canada, Australia, and New Zealand are said to be investigating a wave of bogus bomb threats that have been sent to a variety of organisations late on Thursday.

But if the hoaxer thought they were going to make a lot of money through the scam, they’re going to be disappointed.

Smashing Security #105: Facebook, Nietzsche, Tesla, and Nicole

Tesla takes customer service a step too far, is it a romantic gesture or stalking when you email 246 women called Nicole, and Carole finds herself in a Facebook dilemma.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.

US Dept of State says attack on email system exposed employees’ personal data

The US Department of State has confirmed that it has suffered a data breach which exposed the personally identifiable information of some employees.

Making millions out of prisoners’ email

Big business turns a blind eye to the human cost of exploiting US prisoners and their loved ones.

£200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder

The Independent Inquiry into Child Sexual Abuse (IICSA) has been fined £200,000 for revealing identities of abuse victims in a mass email.

Smashing Security #083: Fake email derails clarinetist’s dream

Hell hath no fury like a jealous clarinetist’s girlfriend! Your Google ChromeCast could be letting stalkers find out where you live! And why on earth is Graham recommending people write their passwords down in a book!?

Learn more in the latest episode of the award-winning “Smashing Security” podcast, with hosts Graham Cluley and Carole Theriault.

Despite Efail, the sky is not falling

The Efail attack on encrypted emails is sneaky, but it doesn’t seem to be all that it’s hyped up to be.

Critical vulnerabilities in PGP/GPG and S/MIME email encryption, warn researchers

Brace yourself, there’s a security scare involving encrypted email that could see your past sensitive messages exposed.

It’s name? “Efail.”

This company deliberately deleted its customer email mailing list. Maybe you should too

With much tougher data protection regulations coming into force in May 2018 in the form of GDPR, it may be a canny move to securely wipe such information sooner rather than later.

Watch this webinar to learn about email security threats

Email security matters. Check out this free webinar where I discuss the threats.